Re: fork/exec patch: pre-CreateProcess finalization - Mailing list pgsql-patches

From Tom Lane
Subject Re: fork/exec patch: pre-CreateProcess finalization
Date
Msg-id 18272.1073609966@sss.pgh.pa.us
Whole thread Raw
In response to Re: fork/exec patch: pre-CreateProcess finalization  (Bruce Momjian <pgman@candle.pha.pa.us>)
List pgsql-patches
Bruce Momjian <pgman@candle.pha.pa.us> writes:
> When you say sub-postmaster, you mean we fork, then process the cancel
> request?  Seems we might need special handling in there, yea.

We fork before we even read the request.  Otherwise an attacker can
trivially lock up the postmaster by sending a partial startup packet.

I've just noticed another serious bit of breakage in CVS tip (though
this might be fixed by Claudio's pending patch that reverts a lot of
the code rearrangements).  There is a reason why the 7.4 code does
on_exit_reset *immediately* after fork(), and it's not acceptable to
rearrange the code so that that happens at some random later time.
Otherwise, any problem in between leads to the child process executing
the postmaster's on_exit routines, with such pleasant side effects as
destroying the shmem segment.  For similar reasons, you don't get to
postpone setting IsUnderPostmaster true --- elog pays attention to the
value of that flag, and will do the wrong thing if called in a child
process that doesn't yet have it set.

            regards, tom lane

pgsql-patches by date:

Previous
From: Claudio Natoli
Date:
Subject: Re: fork/exec patch: pre-CreateProcess finalization
Next
From: Claudio Natoli
Date:
Subject: Re: fork/exec patch: pre-CreateProcess finalization